Hacking Your Own Website

Session Materials:

When it comes to web application security testing, there are few tools that
can match BurpSuite by Portswigger.
In 2013 at the HackMiami "Pen-Test Tool Shootout", BurpSuite was confirmed as best value web security scanner.
While many of its users are security professionals, BurpSuite has a lot of value
to offer throughout the development lifecycle. As a developer I have used BurpSuite over the last
few years to test many websites and various SOAP and RESTful APIs.
In this talk we will quickly look at how to get up and running with the tool before moving to a
demonstration against a local vulnerable web application where we will cover uses of the tool for
finding common security vulnerabilites and how to create targeted attacks specific to our application.
We will also briefly cover the BurpSuite extension interface and the new BApp Store.
http://blog.portswigger.net/2013/06/burp-suite-confirmed-as-best-value-web.html